Cloud Security Alliance

The Cloud Security Alliance (CSA) is a global not-for-profit organization dedicated to promoting best practices for security assurance within cloud computing and artificial intelligence, while also providing education on securing all forms of computing. Founded in 2008, its mission is to foster a trusted cloud ecosystem by offering essential resources and guidance to both cloud service providers and consumers. The organization's global headquarters are located in Seattle, Washington, USA.

CSA delivers its mission through a range of services including research, education, certification programs, and industry events. Key offerings include frameworks such as the Cloud Controls Matrix (CCM), the Security, Trust & Assurance Registry (STAR), and the AI Controls Matrix (AICM), which help organizations assess and improve their security posture. It also provides certifications like the Certificate of Cloud Security Knowledge (CCSK) and the Trusted AI Safety Expert (TAISE) Certificate, aimed at validating expertise in cloud and AI security.

In recent developments, CSA has significantly expanded its focus on artificial intelligence security, launching the CSAI Foundation and announcing milestones to secure the "agentic control plane." This includes a new catastrophic risk initiative and becoming a CVE Numbering Authority. Recent surveys conducted by CSA highlight prevalent challenges, such as 82% of enterprises having unknown AI agents in their environments, leading to frequent security incidents. The organization is led by a team including Co-Founder and CEO Jim Reavis and President Illena Armstrong, maintaining its position as a leading authority in AI, cloud, and Zero Trust cybersecurity education.